Network administrators often need to set up secured communication between devices on a network. This requires the network administrator to manually input a pair of shared keys on each network device or application that requires secure communication. In some cases, multiple keys must be manually input on each machine for different applications or different secured communication protocols. In large networks or clusters of computers this can be a time consuming task.
In addition, the manual input process is prone to error. Human entry of the data into each computer can result in mis-typed or mis-read keys being provided to a machine. This risk is greatly amplified in large systems. This increases the time and resources needed to set up the secured communication and to debug errors in the secured communication.
Shared keys are needed in the context of monitoring and managing computer systems and components over a network. A monitoring appliance communicates with agents that directly monitor or control devices or components in the system. The agents provide access to monitored device data as a set of variables. Device data that can be monitored by an agent can include an amount of free memory in a system and a number of running processes on that system. The monitoring appliance can access the monitored device data through requests over a secured communication channel.
The monitoring appliance gathers data from a plurality of agents and then makes the data available to users and administrators through a service provided as web based data management interface. The data management interface is provided by a backend server system. The backend server system obtains data from the agents via the monitoring appliance. The monitoring appliance is a machine on a local network that communicates with each agent and collects relevant information to be passed to the backend server. A separate monitoring appliance is utilized for each local network or for each account handled by the backend server.
During configuration of new agents, each agent must be configured to recognize the monitoring appliance. Part of this process is providing a public key to each agent to enable secure communications with the monitoring appliance. This involves a manual input process or cut and paste operation to provide the monitoring appliance key to the agent. As with other manual key distributions processes, this process is prone to human error in copying the monitoring appliance key into the agents manually.